Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
File:                     QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft (raw, json)
Hash identifier:          Onz3gnaw3lJxiOr+XtHryK7lLyOq2LjdwwF5j3HxR6c=
Subject key identifier:   A3:D8:06:5A:81:0D:42:28:20:5E:CB:14:4A:B7:8E:9C:07:02:8F:91
Authority key identifier: 43:1C:57:E1:92:1D:31:A3:4A:EB:D1:2E:50:7A:13:6F:E0:45:98:C6
Certificate issuer:       /CN=431c57e1921d31a34aebd12e507a136fe04598c6
Certificate serial:       019684DA51A58B8AF5386A634A0C8DD414AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
Manifest number:          02D3
Signing time:             Wed 30 Apr 2025 04:00:22 +0000
Manifest this update:     Wed 30 Apr 2025 04:00:22 +0000
Manifest next update:     Thu 01 May 2025 04:00:22 +0000
Files and hashes:         1: QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl (hash: P+3zoxJmGE/+XjoGzFDMiErwkWEVifGvJgUGRgUnlj4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 01 May 2025 00:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:84:da:51:a5:8b:8a:f5:38:6a:63:4a:0c:8d:d4:14:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=431c57e1921d31a34aebd12e507a136fe04598c6
        Validity
            Not Before: Apr 30 04:00:22 2025 GMT
            Not After : May  1 04:00:22 2025 GMT
        Subject: CN=a3d8065a810d4228205ecb144ab78e9c07028f91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:06:f0:8a:94:b7:53:b6:c9:5e:a5:2a:23:80:
                    bc:6c:ad:ee:a5:e2:1a:7a:c7:be:86:ac:c3:5c:ce:
                    d9:93:67:70:1a:58:20:2c:3a:05:17:a0:9f:a1:16:
                    fb:28:8b:3b:cb:70:54:fe:2b:85:6c:e3:01:8e:3c:
                    95:c4:69:10:a5:18:c8:b1:a4:2f:ad:ed:d5:d8:af:
                    fb:b4:f4:c3:06:96:a4:78:32:91:e4:ab:b2:f6:f5:
                    f7:b8:7c:6f:28:f8:3c:d4:de:3c:b4:80:53:00:ad:
                    30:f3:b5:52:44:d7:93:34:a3:c9:03:27:10:86:9e:
                    a9:2f:fa:d7:0e:3c:79:5e:ba:73:35:0b:0d:1a:01:
                    de:16:7c:48:0c:3e:cd:f6:5f:35:3c:29:2d:e2:7d:
                    54:90:ab:1e:41:a0:85:4c:f2:7e:7f:77:c3:3e:d8:
                    df:b5:66:ec:b9:a6:3c:91:e8:78:3f:5b:a3:03:a3:
                    a6:90:84:6a:bf:87:a9:70:09:c3:95:0f:dc:a5:1f:
                    e7:ee:cd:d9:c2:d3:a5:45:18:41:ca:4b:78:8c:8b:
                    7d:3e:8e:f3:07:4b:7f:41:4a:04:f8:39:bd:af:78:
                    5f:f2:39:8a:69:98:c4:dd:c0:23:97:31:cd:30:ef:
                    97:32:12:7d:7c:e3:29:88:f1:f8:42:ee:26:1c:4e:
                    0f:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:D8:06:5A:81:0D:42:28:20:5E:CB:14:4A:B7:8E:9C:07:02:8F:91
            X509v3 Authority Key Identifier:
                keyid:43:1C:57:E1:92:1D:31:A3:4A:EB:D1:2E:50:7A:13:6F:E0:45:98:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:64:02:21:8e:fa:89:86:6f:52:03:c5:fe:70:a7:39:8b:26:
         bb:61:35:ed:99:6d:48:f8:c5:db:67:35:99:50:4e:96:56:39:
         9d:45:51:a2:a8:0c:6b:ff:3e:05:f3:17:f1:1b:37:3e:a9:c5:
         4a:4f:bb:73:7c:6f:0b:44:46:70:2b:86:81:c9:0f:1e:43:b1:
         79:42:60:43:0e:6f:f2:67:b6:fd:52:e7:1b:89:3a:72:b2:32:
         40:05:a4:2a:ea:3c:9a:6d:59:42:24:d7:e3:bb:2d:d3:37:0a:
         7f:f7:bd:18:72:be:9b:32:d6:78:e9:34:10:4a:73:07:be:31:
         cd:85:15:c8:8a:9c:33:9c:81:39:c5:bb:d0:dd:0a:7a:e4:76:
         e6:18:1a:1c:cf:66:6d:f2:c9:c0:49:95:07:c7:c3:b8:57:7a:
         3d:0c:79:5a:55:7b:05:e2:d8:12:52:32:70:cb:2f:42:1c:4e:
         bc:09:21:99:16:c6:5d:2a:88:51:3d:3d:cd:98:cf:56:9f:97:
         28:68:45:a6:0f:4e:25:a0:42:5c:20:e7:4c:dc:58:5d:73:11:
         3c:d1:9c:c5:56:30:f8:1e:09:24:40:5c:55:73:8c:dd:4b:d7:
         ab:d7:0f:02:77:69:ca:38:50:c2:b2:5d:83:e9:66:3a:62:44:
         52:6e:d7:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZaE2lGli4r1OGpjSgyN1BSrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMWM1N2UxOTIxZDMxYTM0YWViZDEyZTUwN2ExMzZmZTA0
NTk4YzYwHhcNMjUwNDMwMDQwMDIyWhcNMjUwNTAxMDQwMDIyWjAzMTEwLwYDVQQD
EyhhM2Q4MDY1YTgxMGQ0MjI4MjA1ZWNiMTQ0YWI3OGU5YzA3MDI4ZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AbwipS3U7bJXqUqI4C8bK3upeIa
ese+hqzDXM7Zk2dwGlggLDoFF6CfoRb7KIs7y3BU/iuFbOMBjjyVxGkQpRjIsaQv
re3V2K/7tPTDBpakeDKR5Kuy9vX3uHxvKPg81N48tIBTAK0w87VSRNeTNKPJAycQ
hp6pL/rXDjx5XrpzNQsNGgHeFnxIDD7N9l81PCkt4n1UkKseQaCFTPJ+f3fDPtjf
tWbsuaY8keh4P1ujA6OmkIRqv4epcAnDlQ/cpR/n7s3ZwtOlRRhBykt4jIt9Po7z
B0t/QUoE+Dm9r3hf8jmKaZjE3cAjlzHNMO+XMhJ9fOMpiPH4Qu4mHE4PnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKPYBlqBDUIoIF7LFEq3jpwHAo+RMB8GA1UdIwQY
MBaAFEMcV+GSHTGjSuvRLlB6E2/gRZjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wZjFhYWYtYjE3My00Y2UxLWJjYmEt
Y2MzNTNlYmFjYmE2LzEvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wZjFhYWYtYjE3My00Y2UxLWJjYmEtY2MzNTNlYmFjYmE2
LzEvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHWQCIY76
iYZvUgPF/nCnOYsmu2E17ZltSPjF22c1mVBOllY5nUVRoqgMa/8+BfMX8Rs3PqnF
Sk+7c3xvC0RGcCuGgckPHkOxeUJgQw5v8me2/VLnG4k6crIyQAWkKuo8mm1ZQiTX
47st0zcKf/e9GHK+mzLWeOk0EEpzB74xzYUVyIqcM5yBOcW70N0KeuR25hgaHM9m
bfLJwEmVB8fDuFd6PQx5WlV7BeLYElIycMsvQhxOvAkhmRbGXSqIUT09zZjPVp+X
KGhFpg9OJaBCXCDnTNxYXXMRPNGcxVYw+B4JJEBcVXOM3UvXq9cPAndpyjhQwrJd
g+lmOmJEUm7XcQ==
-----END CERTIFICATE-----